Date: Sat, 16 Jun 2012 05:19:56 +0200 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: CVE request: phplist before 2.10.18 XSS and sql injection http://www.exploit-db.com/exploits/18639/ cite from there: "Desc: Input passed via the parameter 'sortby' is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The param 'num' is vulnerable to a XSS issue where the attacker can execute arbitrary HTML and script code in a user's browser session in context of an affected site." Upstreams release notes for 2.10.18: http://www.phplist.com/?lid=567 mentions: "This version fixes a few small bugs and a security issue that was found. The security issues fixed require the administrator to be logged in. Therefore the vulnerability can be classified as "intermediate". There's no immediate danger of the vulnerabilities to be exploited remotely." Please assign two CVEs. -- Hanno Böck mail/jabber: hanno@...eck.de GPG: BBB51E42 http://www.hboeck.de/ Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ